package com.huawei.gamebox;

import com.huawei.wisesecurity.kfs.crypto.cipher.CipherAlg;
import com.huawei.wisesecurity.kfs.crypto.key.KeyStoreProvider;
import com.huawei.wisesecurity.kfs.crypto.signer.SignAlg;
import com.huawei.wisesecurity.kfs.exception.CryptoException;
import com.huawei.wisesecurity.kfs.exception.KfsException;
import com.huawei.wisesecurity.ucs.common.exception.UcsKeyStoreException;
import io.netty.handler.ssl.OpenSslKeyMaterialManager;
import java.io.IOException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.spec.MGF1ParameterSpec;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;

/* loaded from: classes16.dex */
public class ws9 implements us9 {
    public static wo9 a;
    public static final ws9 b = new ws9();
    public static final Object c = new Object();

    @Override // com.huawei.gamebox.us9
    public byte[] a(String str, String str2) throws UcsKeyStoreException {
        byte[] sign;
        synchronized (c) {
            try {
                KeyStoreProvider keyStoreProvider = a.b;
                SignAlg.a(OpenSslKeyMaterialManager.KEY_TYPE_RSA);
                SignAlg signAlg = SignAlg.RSA_SHA256_PSS;
                try {
                    KeyStore keyStore = KeyStore.getInstance(keyStoreProvider.b());
                    keyStore.load(null);
                    Key key = keyStore.getKey(str, null);
                    if (!(key instanceof PrivateKey)) {
                        throw new KfsException("bad private key type");
                    }
                    PrivateKey privateKey = (PrivateKey) key;
                    keyStore.getCertificate(str).getPublicKey();
                    bp9 bp9Var = new bp9();
                    bp9Var.c = signAlg;
                    if (privateKey == null) {
                        throw new CryptoException("privateKey is invalid.");
                    }
                    xo9 xo9Var = new xo9(keyStoreProvider, privateKey, bp9Var, null);
                    xo9Var.a(str2);
                    sign = xo9Var.sign();
                } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e) {
                    throw new KfsException("keystore get key with alias failed, " + e.getMessage());
                }
            } catch (KfsException e2) {
                yr9.b("KeyStoreManager", "doSign failed, " + e2.getMessage(), new Object[0]);
                throw new UcsKeyStoreException("doSign failed , exception " + e2.getMessage());
            }
        }
        return sign;
    }

    public byte[] b(String str, byte[] bArr) throws UcsKeyStoreException {
        byte[] bArr2;
        synchronized (c) {
            try {
                KeyStoreProvider keyStoreProvider = a.b;
                CipherAlg.c(OpenSslKeyMaterialManager.KEY_TYPE_RSA);
                OAEPParameterSpec oAEPParameterSpec = new OAEPParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA1, PSource.PSpecified.DEFAULT);
                CipherAlg cipherAlg = CipherAlg.RSA_OAEP;
                try {
                    KeyStore keyStore = KeyStore.getInstance(keyStoreProvider.b());
                    keyStore.load(null);
                    Key key = keyStore.getKey(str, null);
                    if (!(key instanceof PrivateKey)) {
                        throw new KfsException("bad private key type");
                    }
                    PrivateKey privateKey = (PrivateKey) key;
                    keyStore.getCertificate(str).getPublicKey();
                    io9 io9Var = new io9();
                    io9Var.c = cipherAlg;
                    if (privateKey == null) {
                        throw new CryptoException("privateKey is invalid.");
                    }
                    ko9 ko9Var = new ko9(keyStoreProvider, privateKey, io9Var, oAEPParameterSpec);
                    ko9Var.c.b = jf9.E(bArr);
                    bArr2 = ko9Var.to();
                } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e) {
                    throw new KfsException("keystore get key with alias failed, " + e.getMessage());
                }
            } catch (KfsException e2) {
                yr9.b("KeyStoreManager", "doDecrypt failed, " + e2.getMessage(), new Object[0]);
                throw new UcsKeyStoreException("doDecrypt failed , exception " + e2.getMessage());
            }
        }
        return bArr2;
    }
}
